3.Consul 安装配置(Proxysql+mgr)

1.环境准备

1.MGR 三节点提前安装好
2.Proxy 参考上一章节准备好
3.Consul 配置信息如下
机器分布如下：
10.85.10.51 Mgr + ProxySQL + Consul client
10.85.10.52 Mgr + ProxySQL + Consul client
10.85.10.53 Mgr + ProxySQL + Consul client
10.85.10.54 Consul server
10.85.10.55 Consul server
10.85.10.56 Consul server
10.85.10.57 dnsmaq

2.Consul 安装

2.1 软件安装 在51-53 proxysql 54-56节点

创建目录 
mkdir -p /consul/log
mkdir -p /consul/consul.d
mkdir -p /etc/consul.d
sudo touch /consul/log/consul.log


解压
cd /soft 
unzip consul_1.9.5_linux_amd64.zip  -d /consul
--创建软链接
ln -s /consul/consul /usr/bin/consul
--查看版本
consul --version

2.2Consul Server 集群配置

#54节点
nohup consul agent -server -bootstrap-expect 3 -bind=10.85.10.54 -client=0.0.0.0 -data-dir=/consul/data -node=n54 -ui >> /consul/log/consul.log 2>&1 &
#55节点
nohup consul agent -server -bootstrap-expect 3 -bind=10.85.10.55 -client=0.0.0.0 -data-dir=/consul/data -node=n55 -ui >> /consul/log/consul.log 2>&1 &
#56节点
nohup consul agent -server -bootstrap-expect 3 -bind=10.85.10.56 -client=0.0.0.0 -data-dir=/consul/data -node=n56 -ui >> /consul/log/consul.log 2>&1 &

#在55，56，将节点中加入到54集群中
consul join 10.85.10.54

#查询集群状态
consul members
consul operator raft list-peers

[root@huyidb06 data]# consul members
Node          Address           Status  Type    Build  Protocol  DC   Segment
n54           10.85.10.54:8301  alive   server  1.9.5  2         dc1  <all>
n55           10.85.10.55:8301  alive   server  1.9.5  2         dc1  <all>
n56           10.85.10.56:8301  alive   server  1.9.5  2         dc1  <all>

[root@huyidb06 soft]# consul operator raft list-peers
Node  ID                                    Address           State     Voter  RaftProtocol
n54   059044be-ea1a-4444-ebb8-6f4ca4fcce10  10.85.10.54:8300  leader    true   3
n55   b262526b-c5ab-5a61-cb57-067d036ca993  10.85.10.55:8300  follower  true   3
n56   48a4b36c-51dc-edfa-3aa8-103e29636248  10.85.10.56:8300  follower  true   3

把配置信息写入到配置文件中

 #54节点，其它节点(55-56)修改node_name、advertise_addr和bind_addr即可：
mkdir -p /etc/consul.d/
pkill -9 consul

cat > /etc/consul.d/server.json  <<EOF
{ 
  "data_dir": "/consul/data",
  "datacenter": "dc1",
  "node_name": "n54", 
  "enable_syslog": true,
  "log_level": "INFO", 
  "server": true, 
  "advertise_addr":"10.85.10.54", 
  "bootstrap_expect": 3, 
  "bind_addr": "10.85.10.54", 
  "client_addr": "0.0.0.0", 
  "retry_join": ["10.85.10.54","10.85.10.55","10.85.10.56"],
  "retry_interval": "10s",
  "rejoin_after_leave": true,
  "start_join": ["10.85.10.54","10.85.10.55","10.85.10.56"] ,
  "ui": true
}
EOF 

nohup consul agent -config-dir=/etc/consul.d > /consul/log/consul.log &

#55节点
mkdir -p /etc/consul.d/
pkill -9 consul

cat > /etc/consul.d/server.json <<EOF 
{ 
  "data_dir": "/consul/data",
  "datacenter": "dc1",
  "node_name": "n55", 
  "enable_syslog": true,
  "log_level": "INFO", 
  "server": true, 
  "advertise_addr":"10.85.10.55", 
  "bootstrap_expect": 3, 
  "bind_addr": "10.85.10.55", 
  "client_addr": "0.0.0.0", 
  "retry_join": ["10.85.10.54","10.85.10.55","10.85.10.56"],
  "retry_interval": "10s",
  "rejoin_after_leave": true,
  "start_join": ["10.85.10.54","10.85.10.55","10.85.10.56"] ,
  "ui": true
}

EOF

nohup consul agent -config-dir=/etc/consul.d > /consul/log/consul.log &

#56节点
mkdir -p /etc/consul.d/
pkill -9 consul

cat > /etc/consul.d/server.json <<EOF 
{ 
  "data_dir": "/consul/data",
  "datacenter": "dc1",
  "node_name": "n56", 
  "enable_syslog": true,
  "log_level": "INFO", 
  "server": true, 
  "advertise_addr":"10.85.10.56", 
  "bootstrap_expect": 3, 
  "bind_addr": "10.85.10.56", 
  "client_addr": "0.0.0.0", 
  "retry_join": ["10.85.10.54","10.85.10.55","10.85.10.56"],
  "retry_interval": "10s",
  "rejoin_after_leave": true,
  "start_join": ["10.85.10.54","10.85.10.55","10.85.10.56"] ,
  "ui": true
}

EOF


nohup consul agent -config-dir=/etc/consul.d > /consul/log/consul.log &

#查询集群状态
consul members
consul operator raft list-peers

2.3Consul Client 配置

#proxysql1
mkdir -p /etc/consul.d/

cat > /etc/consul.d/client.json <<EOF
{
  "data_dir": "/data/consul",
  "enable_script_checks": true,
  "bind_addr": "10.85.10.51",
  "retry_join": ["10.85.10.54","10.85.10.55","10.85.10.56"],
  "retry_interval": "10s",
  "rejoin_after_leave": true,
  "start_join": ["10.85.10.54","10.85.10.55","10.85.10.56"] ,
  "node_name": "mgr-client51"
}
EOF

nohup consul agent -config-dir=/etc/consul.d > /consul/log/consul.log  &


#proxysql2
mkdir -p /etc/consul.d/
cat > /etc/consul.d/client.json <<EOF
{
  "data_dir": "/data/consul",
  "enable_script_checks": true,
  "bind_addr": "10.85.10.52",
  "retry_join": ["10.85.10.54","10.85.10.55","10.85.10.56"],
  "retry_interval": "10s",
  "rejoin_after_leave": true,
  "start_join": ["10.85.10.54","10.85.10.55","10.85.10.56"] ,
  "node_name": "mgr-client52"
}
EOF

nohup consul agent -config-dir=/etc/consul.d > /consul/log/consul.log  &



#proxysql3
mkdir -p /etc/consul.d/
cat > /etc/consul.d/client.json <<EOF
{
  "data_dir": "/data/consul",
  "enable_script_checks": true,
  "bind_addr": "10.85.10.53",
  "retry_join": ["10.85.10.54","10.85.10.55","10.85.10.56"],
  "retry_interval": "10s",
  "rejoin_after_leave": true,
  "start_join": ["10.85.10.54","10.85.10.55","10.85.10.56"] ,
  "node_name": "mgr-client53"
}
EOF

nohup consul agent -config-dir=/etc/consul.d  -enable-script-checks > /consul/log/consul.log  &

#状态检查
[root@huyidb02 soft]# consul members
Node          Address           Status  Type    Build  Protocol  DC   Segment
n54           10.85.10.54:8301  alive   server  1.9.5  2         dc1  <all>
n55           10.85.10.55:8301  alive   server  1.9.5  2         dc1  <all>
n56           10.85.10.56:8301  alive   server  1.9.5  2         dc1  <all>
mgr-client51  10.85.10.51:8301  alive   client  1.9.5  2         dc1  <default>
mgr-client52  10.85.10.52:8301  alive   client  1.9.5  2         dc1  <default>
mgr-client53  10.85.10.53:8301  alive   client  1.9.5  2         dc1  <default>

4.Consul 服务配置

service 配置：在3台proxy 节点上都需要操作，注意修改id 和 address地址为本机地址：
这里采用telnet 检查,更多配置可参见官网：https://www.consul.io/docs/discovery/checks

vi /etc/consul.d/proxysql.json
{
"service": {
"id": "proxysql1",
"name": "proxysql",
"tags": ["6033-rw-app"],
"address": "10.85.10.51",
"port": 6033,
        "check": {
            "interval": "3s", 
            "tcp": "127.0.0.1:6033", 
            "timeout": "1s"
        }
}
}

5.Consul 状态检查

5.1 服务检查

#检查配置文件是否正常
consul validate /etc/consul.d/

# 重新加载配置文件
consul reload

#检查配置结果 
consul catalog services
[root@huyidb03 consul.d]# consul catalog services
consul
proxysql

5.2 服务检查

#安装工具包
yum install -y bind-utils bind bind-chroot dnsmasq

#服务检查 dig @10.85.10.54  -p 8600  proxysql.service.consul a

[root@huyidb04 soft]# dig @10.85.10.54  -p 8600 proxysql.service.consul a

; <<>> DiG 9.9.4-RedHat-9.9.4-72.el7 <<>> @10.85.10.54 -p 8600 proxysql.service.consul a
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44905
;; flags: qr aa rd; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;proxysql.service.consul.       IN      A

;; ANSWER SECTION:
proxysql.service.consul. 0      IN      A       10.85.10.51
proxysql.service.consul. 0      IN      A       10.85.10.52
proxysql.service.consul. 0      IN      A       10.85.10.53

;; Query time: 0 msec
;; SERVER: 10.85.10.54#8600(10.85.10.54)
;; WHEN: Tue May 25 23:10:23 CST 2021
;; MSG SIZE  rcvd: 100


#在client 端测试
dig @127.0.0.1 -p 8600 mgr-client51.node.consul
dig @127.0.0.1 -p 8600 mgr-client52.node.consul
dig @127.0.0.1 -p 8600 mgr-client53.node.consul

[root@huyidb01 consul.d]# dig @127.0.0.1 -p 8600 mgr-client51.node.consul

; <<>> DiG 9.9.4-RedHat-9.9.4-72.el7 <<>> @127.0.0.1 -p 8600 mgr-client51.node.consul
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31142
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 2
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;mgr-client51.node.consul.      IN      A

;; ANSWER SECTION:
mgr-client51.node.consul. 0     IN      A       10.85.10.51

;; ADDITIONAL SECTION:
mgr-client51.node.consul. 0     IN      TXT     "consul-network-segment="

;; Query time: 220 msec
;; SERVER: 127.0.0.1#8600(127.0.0.1)
;; WHEN: Tue May 25 15:11:11 CST 2021
;; MSG SIZE  rcvd: 105

6.DSN 配置

6.1 dnsmaq 安装

App端配置域名服务器来解析consul后缀的域名，DNS解析及跳转， 有多个方案：
原内网dns服务器,做域名转发，consul后缀的，都转到consul server上
dns全部跳到consul DNS服务器上，非consul后缀的,使用 recursors 属性跳转到原DNS服务器上
dnsmaq 转：server=/consul/10.85.X.X#8600 解析consul后缀的
使用BIND配置DNS服务器

#这里用57节点进行安装 dnsmaq
echo "
 server=/consul/10.85.10.54#8600
 server=/consul/10.85.10.55#8600
 server=/consul/10.85.10.56#8600
 " > /etc/dnsmasq.d/10-consul

 echo "
 server=114.114.114.114
 server=8.8.8.8
 server=223.5.5.5
 " >> /etc/dnsmasq.conf


#添加到所有机器，包括本机、3个client、3个server端等
 echo "nameserver 10.85.10.57" > /etc/resolv.conf

# 在57节点上 启动 dnsmasq
 systemctl enable dnsmasq
 systemctl restart dnsmasq
 systemctl status dnsmasq

6.2 dnsmaq 状态检查

 dig @10.85.10.57  -p 53 proxysql.service.consul a
 dig @10.85.10.57  -p 53 6033-rw-app.proxysql.service.consul a


 nslookup  proxysql.service.consul
 nslookup  6033-rw-app.proxysql.service.consul

 ping proxysql.service.consul -c 4
 ping 6033-rw-app.proxysql.service.consul -c 4

#示例
#dig 测试
[root@huyidb04 soft]#  dig @10.85.10.57  -p 53 proxysql.service.consul a
; <<>> DiG 9.9.4-RedHat-9.9.4-72.el7 <<>> @10.85.10.57 -p 53 proxysql.service.consul a
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8702
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;proxysql.service.consul.       IN      A

;; ANSWER SECTION:
proxysql.service.consul. 0      IN      A       10.85.10.53
proxysql.service.consul. 0      IN      A       10.85.10.52
proxysql.service.consul. 0      IN      A       10.85.10.51

;; Query time: 1 msec
;; SERVER: 10.85.10.56#53(10.85.10.56)
;; WHEN: Tue May 25 23:20:23 CST 2021
;; MSG SIZE  rcvd: 100


#nslookup 测试
[root@huyidb04 soft]# nslookup  proxysql.service.consul
Server:         10.85.10.57
Address:        10.85.10.57#53
Name:   proxysql.service.consul
Address: 10.85.10.51
Name:   proxysql.service.consul
Address: 10.85.10.52
Name:   proxysql.service.consul
Address: 10.85.10.53

#ping 测试
[root@huyidb04 soft]#  ping proxysql.service.consul -c 4
PING proxysql.service.consul (10.85.10.52) 57(84) bytes of data.
64 bytes from huyidb02 (10.85.10.52): icmp_seq=1 ttl=64 time=0.511 ms
64 bytes from huyidb02 (10.85.10.52): icmp_seq=2 ttl=64 time=0.362 ms
64 bytes from huyidb02 (10.85.10.52): icmp_seq=3 ttl=64 time=0.312 ms

7.连接测试

[root@huyidb01 consul.d]#  mysql -uitpux -pitpux123  -hproxysql.service.consul            
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor.  Commands end with ; or g.
Your MySQL connection id is 19704
Server version: 8.0.21 MySQL Community Server - GPL

Copyright (c) 2000, 2020, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.

mysql>